Saturday, 4 March 2023

Computers Are Like Pizzas

I'm currently working with partners developing curriculum that creates an understanding of how computers work. The challenge is in getting adult focused instructional designers to recognize the enormous gaps students have in terms of their understanding of computer technology. Digitally fluent adults assume young people have an intuitive understanding of how these machines work, but they don't. If you assume this you end up with frustrated and confused students.

We rolled back initial lessons to the point where we're introducing students to how computers store local files, but even that wasn't far enough. With no coherent digital skills curriculum in our schools, you have to clear away a lot of misconceptions and back up the truck all the way before you can start building a coherent understanding of how digital technology works. As in the case of most problems, thinking about pizza helps...


Only Old People Use Computers...

 'Wait a minute!' you say. 'I'm super cool! I don't use old fashioned things like computers! I'm a digital native who lives on their phone.'

Newsflash! Smartphones are computers! So are tablets, Chromebooks, laptops, desktops, IoT devices like your smart thermostat or the Alexa that's listening all the time. Because they're all fundamentally the same thing, you can understand and fix them when they go wrong. You're using a computer to read this right now, it just might not look like one.


ALL COMPUTERS ARE LIKE A PIZZA

If you think about pizza when you're diagnosing a computer (which might look like a phone, car fuel injection system, laptop or smart fridge), it helps you to isolate where the problem is and clarifies what you need to do to fix it. All electronic computers share the same fundamental components, and those components are pizza-licious!

The Dough: HARDWARE

This is the part of the pizza that can look very different. The physical shell we put a computer in can range in size from a smartwatch to building-sized supercomputers. Generally, the smaller they are the slower they are because electronic computing generates heat and that's hard to get rid of when you can't install fans and other cooling stuff to get the heat out and let the processor run at top speed.

That's why desktops always feel faster than laptops. Their architecture can be designed for speed because engineers can get rid of the heat made from running a processor fast. Mobile processors are often throttled down desktop hardware. Even smaller computers tend to be specialists only having to do a few tasks that engineers can optimize the hardware for. Phones can only run certain apps, watches are even more limited and single function computers like ATMs or smart thermostats can optimize all of their hardware to a single task.

If you're having hardware headaches, like a computer overheating and locking up, you can fix it like a mechanic, with tools (and thermal paste) and some physical attention. If you get handy enough, you can even start building your own crusts.

The Sauce: FIRMWARE

Computer hardware doesn't know what it is - it's just STUFF. When you first power up a computer (phone, desktop whatever), you often see text appear for a second and then disappear. That's the saucy FIRMWARE. Firmware is software that's written onto a chip in the computer that tells it what kind of hardware its running on. 

Firmware is sometimes called BIOS, which stands for Basic Input/Output System - which is literally what it is; software that tells the computer what hardware it has that takes care of inputting and outputting data. UEFI replaced BIOS on modern computers, but it's just a fancy BIOS with graphics that make it easier to navigate. It's pointless acronym creep like this that puts people off learning about computers!

The Cheese: OPERATING SYSTEMS

On top of the firmware sauce you have the cheesy OPERATING SYSTEM. You've seen logos for them for years, but probably don't give them much thought. If you're a PC type person you'll have seen Windows evolve through XP, 7. 8. 10 and now Windows 11 versions. Apple people know OSx (Operating System 10), and if you know any nerds they'll tell you about Linux - the free, open source operating system that gives you great power to modify.

OSes are the software that span the gap between users and the machine itself. OSes have a lot of work to do running an incredible variety of applications, some of it very poorly made, without crashing, though sometimes they do. OSes have to integrate all the different input methods (touchscreen, mouse, trackpad, keyboard, etc) and all the possible output methods like screens, printers, haptic feedback or even the LED lights on the computer itself. Juggling all of that hardware and software, all of it engineered to different standards and coded with varying levels of skill, is a mighty task, though that doesn't stop people from ripping on the cheesy OS...

Apple came up with a series of Mac vs. PC ads back in the day. Someone came up with the parody above - it's funny, but the stretch operating systems have to do to bridge the gap between clueless users and complex layers of hardware and software is a massive.

It's in the cheese of operating systems where you run into a lot of headaches, unless you make a computer so absurdly simple that it can only do one thing. Rather than learn the complexity computers are capable of in order to leverage the flexibility of a general purpose machine, we've surged toward simplicity. It started with Apple's 'walled garden' approach to iOS, where apps must comply with (and pay for) strict standards. This allowed the iPhone to create a larger user base because it simply worked - just not in as many ways as it might.

Android came along with a more open approach and took back some market share, but most people would rather do less if it means not having to learn anything about computers. Nowhere is this better shown than with Chromebooks. Chrome OS that runs on a Chromebook is actually a flavour of Linux designed to give you only a browser. They're great because you can barely do anything with them and they're easy to manage - which is why we use them in schools to teach digital fluency.

Of course, if you're crafty you can work around all these blocks. You can 'jail break' Android and iOS phones to allow you to update the OS (many  companies freeze you out of updates after a couple of years in order to force you to buy a new device). Jail breaking usually involves finding a hacked firmware (remember the sauce?) that has removed any locks on what kind of OS can be installed. You overwrite the official firmware with deristricted firmware sauce and then you can keep updating your Android or iOS versions or install software on the device that the manufacturer blocked.

The Toppings: APPLICATIONS and PROGRAMS

A pizza wouldn't be a pizza without some toppings that customize it to your taste. When you first start up a new computer it's a plain cheese pizza. Your dough (hardware) powers up and runs your sauce (firmware), which makes the computer aware of its hardware and then hands it all off to the cheese (operating system), which loads you into a plain pizza starting environment.

If you've got any problems that prevent you from getting to your OS starting screen then you know where to look in the boot process to solve the problem. If the machine doesn't power up, you'll be working with the dough. If it powers up but gets stuck in a text screen before the OS logo appears, you're focusing on the sauce. If the OS logo appears but you don't get to the start screen, you're fixing the cheese.

 As you customize your pizza computer to your needs, you install apps adding another layer of complexity to your poor old operating system. Generally, the longer a computer has been with a user, the more toppings they've piled on. This gets complicated by apps and operating systems getting out of date, then you might have rotten toppings wrecking your otherwise yummy pizza. You've got to keep your toppings (OS cheese and even your FIRMWARE sauce) up to date or you can end up with problems. The vast majority of pizza lovers aren't very good at looking after their cheese wheels, which makes hackers very happy.


If you really like pizza, you'll make your own...

These PC pizzas were just coming into being when I was growing up in the 1980s. Early machines came complete as a 'deluxe pizza' with the crust, sauce and cheese all per-selected for me. My first two PCs, a Commodore VIC-20 and Commodore 64, offered crust upgrades (memory I could plug into the expansion port), and gave me control of the toppings, which we quickly learned how to customize.

In the late 80s/early 90s I got into i386 IBM clone computers. This was my first go at a truly DIY pizza PC. I got to select components to customize my crust, the sauce firmware comes with the hardware, but then I could pick my OS cheese too. I haven't owned a 'deluxe' pre-made pizza PC since. My current desktop is a custom case I selected for its big fans so that it runs quick, cool and quiet (it also happens to look like the bat mobile). To that I added a high-speed motherboard, fast processor and lots of RAM (fast memory), so it never hesitates, even when I'm running many applications at once. A VR ready video card means my graphics are super quick and the whole thing is aimed at precisely what I want to do with it. Custom crusts are the way to go.

For the cheese I always install multiple operating systems. Right after my firmware sauce finishes it gives me a menu that lets me choose between many different OS cheeses depending on what I want to do.  My desktop will boot into two versions of Windows, three versions of LInux (each customized for a specific task) and it even 'hackintoshes' if I need to test something in an Apple environment. My pizzaPC changes its cheese based on what I need it to do!

The Pre-made Pizza Dilemma: DELUXE PIZZAS USUALLY AREN'T

The urge to Chromebook us has always been with us. The 'game system' industry is a Chromebook for games. Pre-selected crust, sauce and cheese lead to a limited selection of toppings (games), but this simplification and one trick pony reduction of multi-purpose computers into toys is where the money is, though as educators I think it's incumbent upon us to use technology responsibly, and that means not using it in ignorance.

When we simplify computers to satisfy simple people needs, we end up even more oblivious to how they work. When I first started teaching computer technology in high school, I could assume my incoming grade 9s knew how to navigate file management in a computer (that's deep in the cheese). But as Chromebooks took over I realized that (thanks to cloud based everything), students had lost their understanding of how local files are stored. If we roll back our digital skills curriculum and start at the beginning, we can begin to build digitally fluent graduates who won't fall into a digital skills gap the moment they leave our schools.

 

RESOURCES IF YOU WANT TO MAKE YOUR OWN PIZZA PC

If you're curious about customizing your own pizza PC, PC Parts Picker is a great place to start. Once you realize what's available in terms of doughy hardware and what you can do with your cheesy operating systems, computers suddenly turn from something you barely understand (even though you use them every day) to a tool that you can fix and customize to your needs.

Here is the lesson plan we work from when I introduce students to computer architecture.

But the best possible way to get these concepts across to students is to have them build desktops with their own hands and you can do this FOR FREE! Find the COMPUTERS FOR SCHOOLS program in your province and they will happily provide you with computer hardware to DIY your PC builds. I've worked with RCT Ontario for many years and they are fantastic, providing teachers who want to build genuine technology fluency in a hands on way.

Students love building their own machines, but the best part is the EQUITY and INCLUSION it enables. For students who don't have a computer at home, they can build one and then take it home knowing how it works and how to fix it, making this one of very few times where the education system is actually closing rather than widening the digital divide.

The Digital Divide is Deep & Wide

Using the Pandemic to Close the Digital Divide

 How to Pivot Ontario Education to Prepare for The Next Wave 

Why Canadian Education is so Reluctant to Move on Digital Literacy

Posted by at
Labels: , ,

Monday, 13 February 2023

Why Canadian Education is so Reluctant to Move on Digital Literacy

 I had a talk the other evening with a Vancouver educator teaching cybersecurity curriculum at his local school board. Like me, Todd has been working alone, offering the local students he has access to the opportunity to learn cyber-skills that would benefit them in any field of study. And, like me, he has helped to launch a few students into careers in this radically underserved career pathway.

Despite being 3 time zones away, Todd is running into the same difficulties I am in Canada's regionally siloed education systems. When he reached out to other districts in British Columbia they didn't engage, and so his work remains isolated to his district. Cyber-attacks on education fill the news, yet the vast majority of students have no access to learning this emerging (and essential) digital media literacy.

In 2017/18 we got involved in CyberTitan, the Canadian centre of excellence for the international CyberPatriot competition (the world's largest student cybersecurity competition). From there we developed a thriving cybersecurity extracurricular program that has since influenced our in-class curriculum in timely and diverse ways., but when I asked a system 'lead' if we could help other schools to engage in the same competition I was told, "it's already running at your school." Leaving us in the same place that Todd finds himself.

With headlines like these (an extensive list of Canadian education hacks can be found at the bottom of the post) wouldn't cybersafety training in every school be a good idea?

Ontario school board trying to recover from cyber incident

Personal data of 70,000 students accessed in school board cyberattack

Cyber-education is just the most obvious part of a much bigger digital skills iceberg.

Yet we barely cover coding in public schools, let alone the rest - even though we depend on it in every subject. Digital technology has become integral to learning in 2023, yet no one has a dedicated curriculum to teach the cybersafety and the technical skills needed to use it safely and effectively. It's why remote learning during the pandemic became an abject failure.


Cyber-Education: an Educational Failure in Education

You have to ask yourself why schools aren't engaging in the cyber-education they should have started when eLearning and other online education technology placed student data and attention in potentially hackable online locations. The answer to this question has eluded me for years, but I'm starting to formulate a theory. It began with seeing yet another example of the rhetoric that public education likes to lean on:

"The lack of robust cybersecurity measures stems from underfunding within schools and #educational groups. Often, they don’t have enough resources or budget to invest in #cybersecurity or train staff and students to practice good cyber habits."

Why are Canadian schools so vulnerable to cyberattacks?


ICTC-CTIC has been offering free cyber-learning opportunities for years in addition to running CyberTitan since 2017 with the support of the Communication's Security Establishment (Canada's cryptography agency charged with securing government communications). It doesn't get more credible than that this, yet we struggle to engage individual teachers let alone school system 'leaders' with these FREE programs. The reticence isn't about cost, it's an unwillingness to make time and take responsibility for our rampant use of education technology. The vast majority of cyberattacks depend upon user digital illiteracy to succeed and we face a global digital skills crisis, yet education seems determined to do as little as possible to address any of it. The question is why.

No where did our failure to address
digital literacy appear more apparent than
during the remote learning emergency.
Perhaps picking up the baton now would highlight a failure that has been decades in the making. By doing nothing, public education remains the victim of cybercriminals and technology disruption, just like the rest of us.

We should have begun developing this technology media fluency the moment we placed student learning in hackable online spaces. It's not a flattering analysis, yet moving past this head-in-the-sand approach is essential if we're going to keep putting student (and staff) information where criminals can exploit it. Our collective ignorance is the cause of the current cybersecurity crisis and the global digital skills shortage; it's a failure of education... by education!


Our Failure to Systematically Teach Digital Literacy Even As It Becomes an Expectation in All Subjects

Poor user digital fluency is the result of our failure to teach it in any kind of systemic manner. The cunning plan so far has been to hope parents are doing it at home* (*this link shows that they might be, if they can afford it). Meanwhile parents are assuming a comprehensive digital skills curriculum is happening in schools, and by comprehensive I mean year on year skills development in dedicated subject time using curriculum that results in functional and safe technology users. We obviously don't have those.

The students I see arriving in grade 9 suggest that this is not systemically happening, and where it does happen it is because a single teacher is trying to bridge this gap themselves. The assumption many parents labour under is that teachers are digitally literate, but they are much like the general population. Worse actually, because the education itself has dragged its feet engaging with digital transformation resulting in the people in it being less digitally savvy than the general population.

If we taught digital skills like we taught other foundational skills that are required across all subject areas (literacy, numeracy, etc), we would have periods focused on developing those skills and integrated subject specific digital fluency across all disciplines, but we don't even cover digital literacy development as comprehensively as we do geography (mandatory k-8 dedicated subject time and a mandatory grade 9 course). There are no mandatory digital literacy courses in any Ontario high school and in K-8 curriculum, where it happens at all, it's usually fixated on coding which does little to teach cybersafety. The ongoing digital skills shortage and a rash of user ignorance driven cyber incidents suggest that the piecemeal approach we've grudgingly adopted isn't working.

I've been pointing to these embarrassing statistics and presenting on the importance of filling this foundational gap in our curriculum for years on Dusty World

2022 TMC7 Research Symposium: Table Talks and Future Skills

(2020) How to Pivot Ontario Education to Prepare for The Next Wave

(2017) The Digital Divide is Deep and Wide

(2012) The New Literacy

Perhaps now, in a maelstrom of bad press and the potential for real financial damage to staff and students (and their families), education will finally take on systemic transformation to address digital skills and especially cybersecurity awareness. The benefits would go far beyond reducing the number of successful cyber breaches. A more digitally literate society would be able to pivot to remote learning in an emergency and might also offer climate reduction possibilities by reducing the need for face to face schooling. It would even help create a less factory driven/age based system that relies on millions of gallons of diesel to deliver bodies to age appropriate facilities every day. The central problem is that the digitally delayed education system is the least likely place to find this future friendly vision.

We could have used the pandemic to finally
engage with digital literacy - instead it became
another excuse to play victim to our own
lack of foresight.
Do you know how many times cybersecurity is mentioned in Ontario computer technology or computer science curriculums? Not once - not even in the two specialist subjects it should be covered in. We've driven students onto potentially insecure online learning environments for years now and even the compsci students don't learn how to secure it.

 Nowhere has this failure to address digital literacy been more apparent in emergency remote learning where many students were thrust into online mediums that they have very little understanding of with unsurprising results. Most students still equate technology with entertainment, which is why implementing it in classrooms has been fraught with problems. Most teachers have less digital fluency than anyone in a modern office setting.

One of the early myths used to justify this bury-it approach to digital literacy was that of the 'digital native' - the idea that students who grew up with digital technology were somehow magically imbued with the ability to understand it technically and use it safely and effectively. This is like saying that because I grew up in the 1970s and was familiar with cars, I already know how a car works and how to operate one. This absurd belief persists in many schools despite being summarily discounted by research.

Being familiar with digital technology means you don't have to overcome the fear that older people have in making a mistake with it, but I can assure you, students are not immune to making poor technical decisions based on digital ignorance. The rush by students in my school to use 'free' VPNs to bypass blocks on social media sites isn't digital native genius, it's profoundly ignorant. The criminals offering these services aren't offering them for free. This gives a fine example of how digitally illiterate school systems are. Blocking content and driving students to put their digital information at risk through questionable technology is about where we're at in education these days. Incredibly, many educators then point to this as an example of just how good the kids are with technology.

Research on the poor state of digital skills across entire populations shows an astonishing lack of capability, even as we increasingly depend on networked digital technologies to support every aspect of public education. When technology fails, the learning stops in 2023..

This isn't just a Canada problem, it's worldwide.
Addressing the digital skills gap for future education

A global measure of digital and ICT literacy skills (it isn't pretty)

"higher socioeconomic status was associated with higher proficiency both within & across countries - student experience of computer use & their frequency of computer use at home were positively associated with proficiency" - Because we off-load this essential literacy because we don't want to take responsibility for it.

The Distribution of Users’ Computer Skills: Worse Than You Think

Nearly 1 in 3 workers lack foundational digital skills

Canada struggles to prepare its workforce for changing digital economy

"81 per cent of Canadians say they don’t have the resources to learn the digital skills required by businesses today, and 86 per cent say they are not prepared to meet the digital skills requirements of the future."


Summary 

Cyber-education is the sharp end of this failure to teach digital literacy because of the fear that surrounds the subject and the dire consequences of not addressing it. Convincing educators to engage with cybersafety, cybersecurity and data privacy learning is virtually impossible, especially as most staff are no more digitally savvy than anyone else. You have to be trying exceptionally hard to not be using digital technology in 2023. Your lights are on because of it and your lessons are available to students because of it, yet no one wants to teach it, or learn it as a specific technology/media skill.

Beyond the sharp point of cyber, we have a population that spends an inordinate amount of their time, both professional and personal, in networked technology, yet almost no one knows how it works, what to do when it goes wrong or how to secure it. Younger people aren't afraid of it, but their bravado creates dangers of a different kind.

If we're going to use networked technology in every subject, we should have K-8 curriculum in place with mandatory time given to specifically learning digital skills well beyond coding, and also include digital literacy integration with all subjects. This should begin the moment we put students in online learning.  A systemic approach to this would start solving the educator digital skills crisis and eventually result in a dramatic drop in successful cyber-attacks as we begin to heal the ignorance that current attacks exploit. Many federal programs exist, but Canada's chaotic, siloed education landscape means that with no central authority, provincial ministries and local school boards are left with the responsibility to engage with a problem that operates well beyond their jurisdictions.

Digital skills gaps cost billions in lost jobs and opportunities and exacerbate existing inequalities. By resolving this failure of vision that public education has been central in creating, we might finally assume the role it should have played all along. It doesn't require lengthy apologies, but it does require some humility before a systemic failure we've all played a part in. I only hope the people leading education in Canada are more interested in doing the right thing for students, staff and their families instead of maintaining the expedient idea that digital literacy happens by magical birthright, or at home.


Yes, it's a tsunami of cyberattacks on canadian education:

Vancouver Film School hit by paralyzing cyberattack
Attackers say they have deleted data stolen from Ontario school board
School board confirms hack; attacker sent note through photocopiers
Ministry beefing up security after school board 'cyber incident'
Ottawa french public school board paid hackers ransom after data breach
Teachers and parents urge answers as investigation into school board hack continues
OSSTF confirms current and past members’ information compromised in cyberattack
Former members call out OSSTF for handling of personal information stolen in cyberattack
Maple Ridge-Pitt Meadows school district alerts families of potential data leak
“It’s pretty scary”: TRU students concerned after possible hacking of student aid websites
https://canadatoday.news/ca/vancouver-park-board-to-consider-new-revenue-streams-including-more-restaurants-223298/
https://www.therecord.com/news/waterloo-region/2022/09/15/at-least-three-former-wrdsb-employees-report-identity-theft-attempts-since-cyber-attack.html
https://cupe.ca/statement-crystal-krauter-maki-educational-assistant-and-cupe-4148-president-regarding-ransomware
A failure to educate staff

What our failure in education looks like to the people experiencing it:
"44% said that school only taught them very basic computing skills, 37% said that school education didn’t prepare them with the technology skills they needed for their careers. 40% consider learning new digital skills essential to future career options"
Posted by at
Labels: , , , ,

Saturday, 15 October 2022

Creating A Canadian Cybersecurity Ecosystem

Last week I attended my first conferences in a long time. Someone will have to explain to me why classroom teachers have no access to professional development like this. On Wednesday and Thursday morning I was at SecTor in Toronto, making many new contacts in industry and realizing that the vast majority of companies on the front lines of cyber-defence in Canada are eager to help both the public and public education get a handle on cybersafety and digital hygiene. On Thursday afternoon and Friday I was at the University of Waterloo for their Privacy & Cybersecurity Conference. These were two very different conferences with SecTor clearly focused on industry and sales and Waterloo's CPI on academic research and strategic thinking, but you'd be amazed how well the two fit together. I really wish they'd arrange things so people could do one and then the other instead of overlapping them, but that failure to look after each other symbiotically is emblematic of a larger problem in Canada.


I had a great chat with a colleague at ICTC a few weeks ago where he described his approach as 'serving the ecosystem', which I intend to emulate.  He sees ICTC's role as helping everyone working in Canada's digital skills development space to meet the council's mission, which is to strengthen Canada's digital advantage in an ever more connected and volatile global economy.  This sounds like a big ask but I believe in the goal, and that belief gives me the energy to take on this seemingly insurmountable task.

One of my favourite moments from the Waterloo CPI conference was when one of the audience, after listening to how five universities are connecting to each other, interrupted with a clear and present warning.  He guaranteed that in the next five years Canadians are going to be sitting in the dark after a cyber-attack from a well developed foreign aggressor.  When we're all sitting there in the cold and dark with no electricity, gas or communications, will we think we've done enough?  Intense, right?

Early in the talk that question came up in, the head of TMU's CyberSecure Catalyst was talking about how he headed to Israel to see how they created a world-class cybersecure ecosystem in the most challenging of circumstances.  His takeaway?  The Israeli system is predicated on familiarity, trust and connectivity.  After only a month and a bit observing Canada's approach, it seems we're doing the opposite.  I've stumbled across excellent resources in both government academia and industry, but each one is working from its own funding formula and entirely focused on meeting the targets in that formula.  Even our connectivity is fractured with numerous 'networks' forming independently of each other, all with the idea of uniting us.  It'd be funny if it weren't so absurd.  Here are a few of them:
They're all doing good work, but they're doing it in silos and in many cases repeating material found in other programs.  It's neither efficient nor is it anything like the Israeli approach of centralized trust, familiarity and cooperative development.  I'm not surprised that, after announcing yet another Canadian network that'll cure our cyber-skills shortage (which is so bad that the government says we need to bring in talent to fill the gap), that guy in the audience lost his patience.

"The siloed approach we know doesn't work anymore. We think it should change and this budget didn't give us the warm fuzzies."

Christyn is exactly right, Canada's initial approach of jumpstarting as many programs as it could to try and cover the cybersecurity shortfall doesn't scale well now that cybersafety is a part of everyone's lives from individuals and small businesses all the way along to multi-national corporations and federal governments.  COVID only accelerated our dependence on digital connectivity yet we continue to lag behind in terms of cyber capacity, especially in education.

At the conference, Ontario's Ministry of Economic Development representative kept describing Ontario's many cyber-focused companies and educational organizations as an ecosystem, but a lot of potted plants all sitting in the same area are not an ecosystem, which is exactly Canada's problem.

How Canada is approaching cybersecurity capacity development.

How Israel does it - with trust, interconnectivity and familiarity - no silos, and everyone looking after each other.

Canada needs to work together to create a national focus on cybersecurity skills development starting in elementary school with integrated digital hygiene and cybersafety learning that leads to middle school access to programs like CyberTitan that introduce students to hands on I.T. skills that demystify the subject and open up pathways.  In high school everyone should be learning essential digital skills (which are atrociously poor - more than 80% of successful cyber-attacks are the result of user ignorance) as a mandatory course. Students interested in pursuing cybersecurity should have early access to coop and STEM programs that will set them on the right track for post-secondary - no adult upskilling required.  This is also where we need to address how our high schools genderize pathways, knocking many girls out of these opportunities.

If we can demystify cyber in k-12 we will be able to graduate cyber-safe students who are able to operate in our interconnected digital economy in every pathway.  Digital fluency and access to cyber-opportunities is, of course, also an equity and inclusion issue; these opportunities aren't just for wealthy, urban boys, though they continue to dominate the industry.  Emerging digital careers tend to be more future proof and higher paying, and everyone deserves a crack at them.

Canada is the only major federation and one of few countries in the world without a national education standard, leaving our minors open to wildly differing political influences and support in our schools; there is no such thing as 'Canadian Education'.  Rather than start with central administration, I think Canada should start with a canadian student bill of rights to protect minors from these changeable winds, but I digress.  Canada's fractured approach to education (like its fractured approach to cyber) means that we need to reach a critical mass with government and industry partners in order to break into the siloed world of canadian public education.  But with no central authority to get onside, a win in Ontario does not mean a win in Quebec, or anywhere else in the country.

Canada's patchwork approach to governance along with its challenging geography means we're facing barriers that Israel and other world leaders in cyber have never had to contend with, which is precisely why we need to pool our resources, grow an interconnected ecosystem of pubic and private cyberskills supporters and then take on this seemingly insurmountable task.

Cybersecurity might sound like an esoteric reason for this big of a challenge, but cyber lives at the pointy end of a pyramid of digital infrastructure needs that Canada is still sorely in need of developing.  Focusing on cyber means we're also focusing on equity and inclusion by connecting everyone, including remote northern communities, new Canadians and people who can't afford Canada's monopolistic telecom infrastructure, to the digital economy.  To get to cyber we need to get through device accessibility, network connectivity and digital skills development, which is why it's a worthy strategic goal. 

The trick is going to be getting all these disparate interests to unite in order to tackle Canada's unique and challenging geography and history - otherwise we're all going to be sitting in the cold dark in a few years wondering why we didn't do more when we could have.

***

UPDATE:  News from the frontlines of 21st Century war, which includes cyber:  

"Collaborating, exchanging information, assisting one another — this is the best way to thwart cybercriminals."

"All told, cyber resiliency relies on collaborative efforts from the global community, he said. Addressing the corporate audience, he underscored the importance of investing in and building a cybersecurity system as a strategic method to improve the cyber resilience of the state."


The importance of collaboration in cybersecurity, including in education and user outreach, is more obvious than ever as the Ukraine conflict continues.  One day Canada will be in the crosshairs, will we be ready?  Or will we have dozens of competing interests all producing redundant content?
Posted by at
Labels: , , ,

Sunday, 29 November 2020

Psychology, Cybersecurity and Collaboration in Educational Technology

We were beta testing Field Effect's state of the art Cyber Range online cybersecurity training system this week in our grade 10 TEJ introduction to computer technology course.  Our skill levels in that open class range from two students who are top ten in Canada in the CyberTitan student cybersecurity competition in their respective disciplines, to students who have never owned a personal computer at home because their parents thought a series of gaming consoles would adequately prepare them for life in the Twenty-First Century.

The challenges of keeping students with such diverse skillsets engaged in a single classroom aside, I'd agreed to beta-test this software because it offers a way past one of the biggest blocks to schools entering the Cyberpatriot/CyberTitan competition.  To participate in the competition you need a desktop or powerful enough laptop computer being run by an operating system that can do more than just browse webpages through a single corporation's lensVirtual machines are whole computers that can be simulated in a single window, and they offer a valuable tool in examining cybersecurity issues without putting your school network or computers in peril (installing a virus to see what it does on a school computer would produce obvious headaches).  If things go wrong in a virtual machine you just shut the window.

The Field Effect remote software ran fantastically well on our DIY student built classroom desktops and would work equally well on something as simple as a Chromebook,though trying to do this through a single, tiny 1366 pixel wide monitor would be a headache.

Once we got everything up and running I reminded students that they were manipulating a remote, virtual computer stored on a server in Ottawa.  When you're aware of what's happening behind the screen, seeing what we can do on networks with enough bandwidth, like the one we now have at school, is mind blowing.

The cybersecurity gurus at Field Effect didn't muck about when they set up this virtual online image.  When you first boot up the compromised Windows 10 image you're met with a full screen warning with flashing lights and a locked screen telling you that you've been ransomwared.

Even though students had been repeatedly prepared for this and I'd explained what a virtual machine was and how whatever happens in it doesn't hurt anything, this threw half of them into a panic.  The responses ranged from randomly mashing buttons to giving up, sitting back and loudly commenting on how stupid everything was.  That's in an optional course full of students who have demonstrated an interest and willingness to learn computer technology.  The vast majority of students (and staff) in education don't get nearly that much training, yet they're all still increasingly depended on digital technology in every class they're in.

The psychology of the attack was interesting.  The flashing warnings and countdown timer did what it was supposed to do with anyone lacking in digital skills (which is a startlingly large number of people in Canada in 2020).  Cybercriminals depend on this technical illiteracy.  My CyberTitans and many of the other digitally savvy kids in the room right clicked on the flashing screen and exited 'full screen' mode, which brought them back to a desktop, which some then got lost in:


This 'geek prank' fake WindowsXP desktop was also on 'full screen' behind the ransomware fullscreen warning, but even when others showed students trapped by the ransomware screen the same F11/exit full screen way out of it, many had already succumbed to frustration and had given up (again).  Several spent long minutes in the fake XP desktop trying to do things even when it said 'fake XP simulator' right on the screen.  Being unresponsive to what a computer is telling you when things aren't working right is a common response in weak users.

The digitally skilled CyberTitans were past the two blocks in seconds and were figuring out how to secure this hacked Windows 10 laptop and restore control for the proper user on it.  More than 70% of the class were stuck in two hacks that were so easily resolved that I was left wondering how we could back things up and restore their mangled pride.  Many of them, only a few days before, had done "my-experience-with-technology" presentations where they'd described themselves as digitally savvy, on Thursday morning this was in tatters.

The actual work of a cybersecurity operator in a case like this is not just to return things to normal but also to diagnose and identify the attack vector.  In an administrative user account that shouldn't have been on the machine there were files and instructions for how to run the malware, and even some background in downloads and browser histories that explained why this other employee had done what they did, but many of the students - including the quick movers, quickly deleted the evidence instead of forensically examining it.

This brought up the opportunity to talk about how much of what information security professionals do in our very networked world is more like a detective than a traffic cop.  It isn't just a matter of making sure every user complies with expectations, it's also vital to understand how the system was compromised because this will guide future security defensive settings.  It's things like this that have me wondering why there are no cybersecurity courses running in any Ontario high school, or no mention of cybersecurity in Ontario computer technology curriculum.  Any mention of security in the curriculum is rooted in 20th Century ideas of passwords or at best wifi encryption, the world has moved on.  The cloud-based networked world we're all leveraging in every classroom in Ontario goes unmentioned.

Once we got past the opening chaos, many students got into the detail work of repairing settings deep inside Windows, restoring control to the correct user and locking down firewalls that the ransomware had opened up.  If this all sounds greek to you it shouldn't, you're using all those things right now to read this.  And you and your students are using them every time you have them login to a cloud based service.  We're all offering an 'attack surface' to cybercriminals whenever we go into the cloud, but pretty much everyone is blissfully unaware of it.  People (users) are part of that cyberattack surface.  Not addressing cyber-illiteracy means you've just opened up opportunities for bad actors.

The problem then became all the wounded male pride in the room.  The students who struggled and gave up were also the ones who adamantly refused to get up and collaborate with the other people in our mono-gendered morning cohort.  Fragile male pride means you can't be asking for help - or collaborating, especially in a subject where you've convinced yourself you're an expert.  The more gender balanced afternoon cohort was constantly communicating and hive-minded their way through the infected image so effectively that most of them actually finished it with a perfect score.

The opening hacks were a source of laughter rather than long faces in the afternoon group.  The lack of collaboration in the morning cohort and then the negativity that descended was something I'm thinking about as we proceed into our violently crushed quadmester.  I've encouraged collaboration in face to face computer tech classes as no one works alone in modern tech jobs, yet the boys seem at a distinct advantage when it comes to creating or engaging in collaborative work, though even a small population of girls changes this dynamic.

This is an even bigger problem in my conservative country school where girls are peer and system pressured out of taking technology courses.  I'm lucky to have 10% female participation in my junior computer technology courses.  In senior courses we're lucky to have a single girl in any of the classes of up to thirty-one students.  The is problematic beyond our classroom.  Women are least engaged in engineering and computer science where the most lucrative careers currently are.

At the end of the day many students got their first glimpse into cybersecurity and a number of them are curious, which is good because we need to open up this pathway to students.  My original intent in giving this a try was to give students an opportunity to demonstrate their technical skills, but a surprisingly large chunk of the class, including students I thought would dig through it more effectively, were startlingly quick to give up and get pwned by some pretty simple hacks.  This is making me wonder how Ontario students are doing in our half elearning face to face and fully remote learning courses during this pandemic.  I fear our level of technical fluency is so shallow that unless online teachers are all doing simplistic, repetitive tasks that require no actual digital fluency, they and their students are unable to effectively engage.  This goes a long way to explain poor online engagement.

From the latest attempt to encourage Ontario
Educators to integrate cybersecurity into their
practice, especially if they're putting children
on hackable online devices.
I realize that cybersecurity scares the daylights out of most people (I've spent the past 3 years trying to engage Ontario educators in it to poor effect), but if we're going to be putting more and more of our education system into digital spaces then we're all responsible for raising digital fluency to the point where everyone can demonstrate resiliency in the face of unexpected outcomes.  At the moment, throwing up your hands in the air and giving up seems to be the solution for too many people.  Hopefully things like ICTC's work with Field Effect will help spread a deeper and more resilient tool for improving cyber-fluency.  Everyone working in the cloud needs this.
Posted by at
Labels: ,

Friday, 22 May 2015

Cheaper Teachers for a Cheaper World

I'm reading The World Beyond Your Head, the latest from Shopclass As Soulcraft writer Matt Crawford.  In this chapter he's been working out how experts manipulate their environment in order to expedite their mastery.

 How an expert arranges the space around them in order to perform allows non-experts a window into skills that might otherwise be beyond them; you can comprehend mastery indirectly by observing how an expert arranges the space around them.  The difference between an amateur and professional chef becomes obvious from this assessment.

 This is an interesting observation that goes to the core of much of the friction in teaching nowadays.  Most of the lay public has no idea how teaching works yet they feel capable of criticizing the profession.  'I was once in school, so I know how to teach' makes as much sense as, 'I once had surgery so now I'm a surgeon'.  By looking at how teachers 'jig' learning spaces someone who has never taught might get a glimpse into the complexity of the craft.

 The idea that experts manipulate the space around them is something that many people might intuitively understand without thinking through the why.  With few exceptions a master will create an organized system around them that allows them to efficiently operate; the space around them becomes an extension of their mind used to organize and expedite their activity.  The process of learning how to jig your environment to support your expertise is one of the most obvious indicators of mastery.  Disorganization, clutter and lost tools are an apprentice's battle.  This sheds some light on my mechanic father's constant frustration at the state in which I left his work bench.  

 The generic workspace is even worse.  This space is designed for you by the thinking class and you are reduced to a simplistic component with limited expectations.  You don't need professionalism or mastery in an environment like that.  This is the world most teacher critics inhabit. Their limited education has made them ideal simplistic components.
What a jig is and how it's vital to the expert.  Do you jig your
classroom, or do you rock the assembly line?  Via Google Books.

You can often see expertise in teaching through how a teacher arranges their classroom.  The learning environment that is jigged by the teacher to enable them to educate more effectively also reflects a deeper understanding of the art of instruction.  This teacher's classroom contains nothing extraneous.  The teacher knows where everything in there is and how to use it.  There are no dusty, unused text books on shelves or out of date posters on the wall.  You can see intent in how the classroom is designed.

 Not only is the equipment at hand, but how its arranged can also facilitate how a lesson is presented; structured meaning is hidden in everything from floor plans to decorations to seating arrangements.  By contrast the classroom that looks like an assembly line indicates a teacher of the McDonalds variety.  It's hard to argue for professional dignity in teaching when so many teachers are more than happy to follow fast food methods.  Take a walk around any school.  Do all the rooms look the same?  Are they expected to?
A great example of how an expert creates and uses their own jigs to
enable them to produce results well beyond the layman.
The idea that a job can be done more efficiently (read: more cheaply) using a tightly controlled, top down system is the way of things in our increasingly computerized world.  We have machines making life and death decisions for us now instead of demanding human expertise.  Machines are only going to get better at making these decisions as humans only become more atrophied at them

 The comparison between the McDonald's assembly line with its rigid, dictated jig and the cook who controls her own space is stark.  Both environments are designed to aid the person inhabiting them create a better product, but one is authored by the person themselves while the other is instituted (and enforced) by unseen management.  One is designed for cogs, the other demands expertise.  One demands respect for the worker's mind, the other makes them disposable hands.

 We're offloading the value of skilled labour onto organizational structures.  The initial idea is that this saves money, but I suspect the long term implications are lowered expectations, workers made powerless and ultimately a less democratic division of knowledge.  If mastery is dying thanks to a neoliberal drive to lowest cost production (experts are more expensive and difficult to manage than easily exchangeable and cheaper unskilled labour, especially when we can oversee them with continually improving surveillance technology), we can expect some of the last bastions of professionalism to eventually dry up and take on the minionized labour processes that have infected private business.

 "Cheap men need expensive jigs; expensive men need only their tools" rings true in the direction many people seem to want education to go.  A centrally controlled system with 'facilitators' instead of 'teachers' that lean on the burgeoning might of educational technology not only satisfies the possibility of selling technology to education systems (perhaps even monopolizing them!), but it also scratches the itch of the moneyed class to centralize both profits and knowledge.  We can expect less from facilitators in pre-jigged classrooms with assembly line learning couched in centralized cloud based computing with ready made lessons aimed at standardized tests.  You need only show up, start the video and let Khan at 'em on their clearly branded corporate learning devices.  You could probably hire three facilitators in that environment for the price of one teacher:  cost savings!
It's much cheaper to watch sanitized  media and sit in rows preparing
for standardized tests than it is to actually do things.  Fortunately, people
who actually do things aren't really needed in our efficiently designed future.
Since going mainstream digital technology is intent on market share rather than serving the user. Getting machines into as many hands as possible is the mandate now and that mandate is served by simplistic, closed ecosystems designed to create consumers.  I'm not sure if neoliberalism has incorporated digital technology or it's the other way around, but no matter how you look at it the two social influences work hand in glove.

 The expectation of mere competence, let alone mastery, is dying.  You can observe this by watching how fewer and fewer employees are expected to jig their own environments to serve their process (the process isn't theirs any more).  Workplaces are now assembly lines of the mind with dictated jigs.  Employees are assessed on their willingness to adjust to these systems, the less free thought the better.

 We are centralizing expertise on a massive scale (just follow the money) and creating a future where everything will look similar and pre-decided, but ever so efficient. The classroom is one of the last bastions of professionalism where an expert can apply their own jig but the days of reasonable class sizes and hands on learning that allow for this kind of jigging are drawing to a close.  Teachers should enjoy the final days of self determination in their workplace, the future is designed for cheap, disposable people.  Fortunately the world is full of them.
Once in the top five, Canada is beginning to follow the US down the education rankings
as de-professionalization reduces teachers (and the students they teach)
into low paid, disposable labour.
Posted by at
Labels: , , , ,
Subscribe to: Posts (Atom)